package com.zhx.servlet;

import java.io.IOException;
import java.sql.ResultSet;

import javax.jws.soap.SOAPBinding.Use;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

import com.zhx.database.DbUtil;
import com.zhx.user.User;

/**
 * 登录验证控制模块
 * 
 * @author 演示
 *
 */

public class LoginServlet extends BaseServlet {

	private static final Logger logger = LogManager.getLogger(LoginServlet.class);

	public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		this.doPost(request, response);
	}

	public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

		login(request, response);

	}

	/**
	 * 登陆请求处理
	 * @param request
	 * @param response
	 * @throws ServletException
	 * @throws IOException
	 */
	private void login(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		String path = "login.jsp";
		try {
            // 获取用户输入的工号和密码
			String userId = request.getParameter("user_Id");
			String userPassword = request.getParameter("user_Password");
			
			// 查询数据库该用户账号密码是否错误
			DbUtil dbUtil = new DbUtil();
			String sql = "select * from sys_user where user_id = "+userId+" and user_password = '"+userPassword+"'";
			ResultSet rs = dbUtil.executeQuery(sql);
			User user = new User();
			while(rs.next()) {
				user.setId(rs.getInt("id"));
				user.setUserId(rs.getString("user_id"));
				user.setUserPassword(rs.getString("user_password"));
			}
			
			// 登陆成功
			if(user.getUserId() != null) {
				path = "index.jsp";
			}
			
			
		} catch (Exception e) {
			e.printStackTrace();
			path = "error/500.jsp";
		}
		// 跳转页面
		process(request, response, path);

	}

}
